Join 500+ Software Testing professionals. Solve problem and get your problem solved. Register Now!

0
How to start Penetration Testing.

Open 2 Answers 50 Views
0 2
Any reference website for Penetration Testing or any good tool for that?

2 Answers

1
1
When trying to start learning Penetration testing, it's imperative to do a lot of reading and research and then start , otherwise you'll be lost in a sea of information and tools and what not.

First of all understand the way the web works, how a website actually works. Once you're familiar with concepts of these, then read and analyse the weak points - the points where you, as a hacker, will be able to penetrate into any web platform. It may include the Databases, the servers, the data storage facilities, the network, the front end Javascript (popular choice) and underlying back end application/business code.

All of these areas have their own penetration points which, you need to identify at first and then select which ones to target. Tools are just a help in the process- the real deal is the knack of finding these weak points.
answered by (53 points)
0
0
Hello Folks,

I am using ZAP Tool (OWASP) and if you want to perform security testing then download Multillidae and DVWA Application .So, that easily you will tested all a1 to a10 OWASP.

Morever , there are many tools in market for performing Security Testing

Netsparker

OWASP

Wireshark

Metaspolit

ZAP

Burpsuite

IBM Security AppScan

Wapiti

Kali Linux

Acunetix
answered by (748 points)
2Comments
commented by (53 points)
Wapiti is deprecated and would cause problems with Mac machines because of Java 6 issues.
Burpsuite only gives few features without going premium.
Metaspoilt has a lot of vulnerabilities of it's own which causes a lot of firms to ban it since it's notorious for collection and misuse of data.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.
Anti-spam verification:
To avoid this verification in future, please log in or register.
...